Skip to content

Pulse Connect Secure

Introduction

The purpose of this document is to provide a configuration guideline on how to implement Mideye two-factor authentication for Pulse Connect Secure.

Integration steps

Login to pulse secure using the admin page https://FQDN/admin.

Create a new authentication server

Navigate to “Authentication” followed by “Auth.Servers”. Select “RADIUS Server” in the dropdown list and select “New Server…”

Name: Give the authentication server a friendly name.
NAS-Identifier: Leave blank.
RADIUS Server: Enter the IP or hostname of the Mideye Radius Server.
Authentication port: Default value is UDP/1812.
Shared Secret: Enter a shared secret that should be identical on both the pulse secure and the Mideye Server RADIUS-client.
Accounting: Default value is UDP/1813 (this port must also be defined as a RADIUS Server in the Mideye Server)
Timeout: Set the timeout to 35 seconds. This is mandatory, so that any fallback method have enough time to finish before timing out.
Retries: Set to 0.

Configuration of RADIUS server

Under “Custom Radius Rules”, click “New RADIUS Rule.”

Name: Name the rule “Access Reject”
Response Packet Type: Access Reject
Attribute criteria: Radius Attribute; Reply-Message (18), matches the expression; Add (.*) to value field; Click “Add”.

Select “Show user login page with error message” → “Show Reply-Messages attribute from the RADIUS server to the user”

Click “Save Changes”.

Create Custom Access Reject Radius Rule

Again, click “New RADIUS Rule”

Name: Name the rule “Access Challenge”
Response Packet Type: Access Challenge
Attribute criteria: Radius Attribute; Reply-Message (18), matches the expression; Add (.*) to value field; Click “Add”.

Select “Show Generic Login page”

Click “Save Changes”.

Click “Save changes” to save the authentication server

Apply the authentication server to a user realm

Navigate to “Users” → “User realm” and select the realm that should be protected using Mideye authentication. Add the created RADIUS-server and click “Save Changes”

Troubleshooting

Check RADIUS-logs

Check if anything is written to the Mideye RADIUS logs

Mideye Server\log\radius-messages.log

If nothing is logged, verify that udp/1812 is allowed between your Pulse Secure and Mideye Server.

Contact Mideye support

For further support please contact Mideye support, support@mideye.com, +46854514750.